Rapport de ZHPDiag v2013.4.27.159 par Nicolas Coolman, Update du 27/04/2013
Run by MILOUCHE at 28/04/2013 14:26:38
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by program

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
GCIE: Google Chrome v26.0.1410.64

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ System Protection
Avira Free Antivirus v13.0.0.2678

---\\ System Optimizer
CCleaner v3.21

---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader X
Java 7 Update 21

---\\ System Information
~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2813 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 19 GB (26%) free of 70 GB

---\\ Logged in mode
~ Computer Name: DAD
~ User Name: MILOUCHE
~ All Users Names: UpdatusUser, MILOUCHE, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\MILOUCHE\AppData\Roaming\
~ %Desktop% : C:\Users\MILOUCHE\Desktop\
~ %Favorites% : C:\Users\MILOUCHE\Favorites\
~ %LocalAppData% : C:\Users\MILOUCHE\AppData\Local\
~ %StartMenu% : C:\Users\MILOUCHE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 19 Go of 70 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 69 Go of 70 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc]
FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.C5B6468422DB1C8AA36C32CBB0197E5E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 04:38:00.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:33:23.) 
-- C:\Windows\system32\Drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:32:45.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:34:06.) -- C:\Windows\system32\Drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856] [MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:34:44.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:32:22.) 
-- C:\Windows\system32\Drivers\rdpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192] [MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/4104 ~ Mes musiques (My Musics) : 311/749 ~ Mes Videos (My Videos) : 1/7 ~ Mes Favoris (My Favorites) : 1/16 ~ Mes Documents (My Documents) : 1/423 ~ Mon Bureau (My Desktop) : 1/12 ~ Menu demarrer (Programs) : 1/47 ~ Hidden Files: Scanned in 00mn 02s ---\\ Processus lancés [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.7532] [MD5.B2B2FE2671DD98A322B0AD7079C0B2B2] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216] [PID.7564] [MD5.B776DFE408E415AA901030C022EEB7DA] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821472] [PID.7684] [MD5.B93C4070F24E46B0097648C276B5039E] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152] [PID.7740] [MD5.FEE45AD0B1EBF2C2D295B59BA593F6CD] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3521464] [PID.7764] [MD5.BFCCB1999AE58969A85F1767E0FE6607] - (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) 
-- C:\Program Files\Hercules\Dualpix HD720p Emotion\XtrCtrlPro.exe [3253544] [PID.7804] [MD5.96B3C4E20F02CA16AA1E3E425BFFCC8B] - (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe [648072] [PID.7820] [MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.7836] [MD5.5B8E2CA848D2336013D46701CC1DD5F8] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.7852] [MD5.984F6749E0741C3F22D86C91B46177BE] - (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432] [PID.7908] [MD5.32732CEDE2A1106B736EF3D84054EE04] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757376] [PID.1944] [MD5.5463971AE736655EC8BD4198B46CE29D] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_169_ActiveX.exe [812424] [PID.4000] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4344] [MD5.FE144DB29FE08220948EE92EEA56B43C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7046656] [PID.6856] [MD5.31B8835B003CAA6D31BEAD83DDBF98E5] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) -- C:\Windows\system32\nvvsvc.exe [634656] [PID.956] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1708] [MD5.1ED58DA041A992EEEC934290508B6B71] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [865056] [PID.2084] [MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. 
KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [86752] [PID.2804] [MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.3324] [MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110816] [PID.3364] [MD5.4D06D9A26227AC485305133916888DF1] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [24576] [PID.3444] [MD5.06A49B7BDC36CFBF97DD90804F833369] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [272024] [PID.3948] [MD5.6B3DD4B1D5D4C239AD84A460E676C6D7] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [79584] [PID.5720] [MD5.8F0DE4FEF8201E306F9938B0905AC96A] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664] [PID.6820] [MD5.DCF3E3EDF5109EE8BC02FE6E1F045795] - (.Microsoft Corporation - wpffontcache_v0400.exe.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504] [PID.4732] ~ Processes Running: Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (...) 
-- C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ~ Firefox Browser: 10 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.troner.net R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1 ~ IE Browser: 13 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 20 ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) 
-- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ~ Toolbar: Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline O4 - HKLM\..\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [LanguageShortcut] . (.Pas de propriétaire - Language Application.) -- C:\Program Files\CyberLink\PowerDVD\Language\Language.exe O4 - HKLM\..\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Run: [Setresolution] C:\ACER\config\1366x768.cmd (.not file.) O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [CamserviceInfinite] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files\Hercules\Dualpix HD720p Emotion\XtrCtrlPro.exe O4 - HKLM\..\Run: [CamserviceHDEmotion] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files\Hercules\Dualpix HD720p Emotion\XtrCtrlPro.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) 
-- C:\Windows\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Xvid] . (...) -- C:\Program Files\Xvid\CheckUpdate.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (.not file.) O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (.not file.) O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-2273597886-3295227178-149766737-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-2273597886-3295227178-149766737-1000\..\Run: [Xvid] . (...) -- C:\Program Files\Xvid\CheckUpdate.exe O4 - HKUS\S-1-5-21-2273597886-3295227178-149766737-1000\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (.not file.) O4 - HKUS\S-1-5-21-2273597886-3295227178-149766737-1000\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (.not file.) 
O4 - HKUS\S-1-5-21-2273597886-3295227178-149766737-1000\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKUS\S-1-5-21-2273597886-3295227178-149766737-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - GS\QuickLaunch: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe O4 - GS\QuickLaunch: Ciel Comptes Personnels.lnk . (.Ciel SA - Comptes Personnels.) -- C:\Program Files\Ciel\Comptes Personnels\WCP.exe O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\MILOUCHE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Outlook.url . (.Microsoft Corporation - Internet Explorer.) -- C:\Users\MILOUCHE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Outlook.url O4 - GS\QuickLaunch: Samsung Kies.lnk . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe O4 - GS\QuickLaunch: Skype.lnk . (...) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) 
-- C:\Program Files\Windows Media Player\wmplayer.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - GS\Desktop: Corbeille.lnk - Clé orpheline O4 - Global Startup: C:\Users\MILOUCHE\Desktop\Découvrez Hotmail.url . (.Driver-Soft Inc. - Driver Genius Setup.) -- C:\Users\MILOUCHE\Desktop\Découvrez Hotmail.url ~ Global Startup: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Synchronisation des favoris ActiveSync.) 
-- C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Clé orpheline ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{55F6EDDB-CBA1-4599-ACBE-ED509F63704A}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{55F6EDDB-CBA1-4599-ACBE-ED509F63704A}: DhcpDomain = lan O17 - HKLM\System\CS1\Services\Tcpip\..\{55F6EDDB-CBA1-4599-ACBE-ED509F63704A}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{55F6EDDB-CBA1-4599-ACBE-ED509F63704A}: DhcpDomain = lan O17 - HKLM\System\CS3\Services\Tcpip\..\{55F6EDDB-CBA1-4599-ACBE-ED509F63704A}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS3\Services\Tcpip\..\{55F6EDDB-CBA1-4599-ACBE-ED509F63704A}: DhcpDomain = lan O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) 
-- C:\Windows\System32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe (.not file.) O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\web\wallpaper\img24.jpg O24 - Desktop General: WallPaper - .(...) - C:\Windows\web\wallpaper\img24.jpg ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\MILOUCHE\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly [MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files\DealPly\DealPlyUpdate.exe (.not file.) [0] =>PUP.DealPly [MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (...) -- C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Updater19962.exe] (...) -- C:\Users\MILOUCHE\AppData\Local\Updater19962\Updater19962.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{99C7790F-C1C1-448A-B3B8-42A6B6D3CE9E}] (...) -- F:\install.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D5387625-C64E-4B11-A11C-1E335CB29737}] (...) -- F:\setup.exe (.not file.) [0] ~ Scheduled Task: 14 Legitimates Filtered in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: Ciel Comptes Personnels 6.0 - (.Ciel.) [HKLM] -- {04660D14-69E6-4585-95AF-5C96C0D624BF} O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226 =>P2P.Azureus ~ Logic: 84 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Azureus] =>P2P.Azureus [HKCU\Software\BitTorrent] =>P2P. 
[HKCU\Software\SpeedMaxPc] [HKLM\Software\Azureus] =>P2P.Azureus [HKLM\Software\SpeedMaxPc] ~ Key Software: 180 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 30/03/2013 - 19:08:56 - [0] ----D C:\Program Files\GUMDC41.tmp O43 - CFD: 11/02/2012 - 10:47:12 - [15,024] ----D C:\Program Files\Vuze =>P2P.Azureus O43 - CFD: 27/03/2012 - 19:54:11 - [0] ----D C:\ProgramData\eMule O43 - CFD: 11/03/2009 - 19:06:55 - [1,294] ----D C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} O43 - CFD: 12/02/2012 - 11:26:48 - [12,517] ----D C:\Users\MILOUCHE\AppData\Roaming\Azureus =>P2P.Azureus O43 - CFD: 20/06/2012 - 21:43:38 - [1,322] ----D C:\Users\MILOUCHE\AppData\Roaming\uTorrent =>P2P.µTorrent O43 - CFD: 22/08/2012 - 11:04:06 - [0] ----D C:\Users\MILOUCHE\AppData\Local\eMule ~ 879 Dossiers CLSID vides (CLSID Empty Folders) ~ Program Folder: 1206 Legitimates Filtered in 00mn 11s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/04/2013 - 07:57:50 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0] O44 - LFC:[MD5.70AC452BDA05CC176852D712C7092838] - 27/04/2013 - 10:44:59 ---A- . (...) -- C:\PhysicalMBR.bin [512] O44 - LFC:[MD5.CA9D5826A58411E0095BA6D41E31FF9B] - 23/04/2013 - 08:44:11 ---A- . (...) -- C:\Windows\System32\jupdate-1.7.0_21-b11.log [4003] ~ Files: 24 Legitimates Filtered in 00mn 01s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . 
(...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: Scanned in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {3EB0CAFE-1897-4260-8E36-23DBD89B7A93} - (WiseConvert 1.5 Customized Web Search) - http://search.conduit.com =>Toolbar.Conduit O69 - SBI: SearchScopes [HKCU] {5E3D418B-1C06-4C2F-8FFC-0D7AFB6E2533} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {8C0D8363-CC0E-41B8-894E-28DE279493CA} - (Ask Search) - http://websearch.ask.com O69 - SBI: SearchScopes [HKCU] {CBE1C74C-8EE8-4522-99E1-DEC189BFE29E} - (Search the web (Softonic)) - http://search.softonic.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.21C8AE57DE528DFB143BE956122B8AEC] [SPRF][26/03/2012] (...) -- C:\Users\MILOUCHE\AppData\Local\d3d9caps.dat [680] [MD5.DFA3DE12217AA1F2EFFC0F8AE3C682A7] [SPRF][28/11/2011] (...) -- C:\Users\MILOUCHE\AppData\Roaming\wklnhst.dat [1658] [MD5.9DC7262DD8A36C5B1488231A29762554] [SPRF][28/04/2013] (.Driver-Soft Inc. - Driver Genius Setup.) 
-- C:\Users\MILOUCHE\Desktop\Driver_Genius_Professional_355594.exe [10621232] [MD5.916CB2A0281F8921223569BED43D1630] [SPRF][28/04/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\MILOUCHE\Desktop\ZHPDiag2.exe [5611886] ~ Files: Scanned in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "TCP Query User{7A499F13-4C8E-4524-BDBE-AD7D108D254D}C:\program files\utorrent\utorrent.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\utorrent\utorrent.exe (.not file.) =>P2P.µTorrent O87 - FAEL: "UDP Query User{7A079CAF-832C-4A35-AF09-0DEFA5087C43}C:\program files\utorrent\utorrent.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\utorrent\utorrent.exe (.not file.) =>P2P.µTorrent O87 - FAEL: "TCP Query User{59C7F27C-1887-4D71-B9AF-CDA6B71AD23D}C:\program files\emule\emule.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "UDP Query User{BE508B30-C3C9-47CE-B480-8A4B62CBCE11}C:\program files\emule\emule.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "TCP Query User{E65373BE-5498-42E5-B831-FF2DB6346CE2}C:\program files\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "UDP Query User{4C62482B-3B7B-4034-B2FC-DFADACE2FAD4}C:\program files\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "TCP Query User{E9988837-C257-40D7-B4EE-0C295AFDB98A}C:\program files\logitech\logitech vid\vid.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\logitech\logitech vid\vid.exe (.not file.) O87 - FAEL: "UDP Query User{30B4698C-884A-4ED7-839A-BA773BCD1C27}C:\program files\logitech\logitech vid\vid.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\logitech\logitech vid\vid.exe (.not file.) O87 - FAEL: "{9FC14D7A-A8C6-41E0-978F-2C9D1DF8DFB3}" |In - Public - P6 - TRUE | .(...) 
-- F:\data\eSKernel.exe (.not file.) O87 - FAEL: "{E81277AE-B5E5-4C46-90E6-0DBD2DC31292}" |In - Public - P17 - TRUE | .(...) -- F:\data\eSKernel.exe (.not file.) O87 - FAEL: "{49301D60-F9FA-4EEE-AFFE-D53FFA1BCDA5}" |In - Private - P6 - TRUE | .(...) -- F:\data\eSKernel.exe (.not file.) O87 - FAEL: "{CD5BC16B-D96B-4293-925B-4A6685727132}" |In - Private - P17 - TRUE | .(...) -- F:\data\eSKernel.exe (.not file.) O87 - FAEL: "{7058C59B-47B2-48BA-9EA0-A2DBF865BD61}" |In - Private - P6 - TRUE | .(...) -- F:\eSKernel.exe (.not file.) O87 - FAEL: "{A22EBD0E-159B-4085-8173-107462B1AD21}" |In - Private - P17 - TRUE | .(...) -- F:\eSKernel.exe (.not file.) O87 - FAEL: "{805B53D1-891F-4B7B-8B50-D0C3DD753237}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\BboxUpdate\BTLiveUpdate.exe (.not file.) O87 - FAEL: "{269B9F79-3B6C-4B64-8E70-BBB4A29F563E}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\BboxUpdate\BTLiveUpdate.exe (.not file.) O87 - FAEL: "TCP Query User{7B61E196-98F3-4F4C-A8DB-95E2D09389B1}E:\emul\emule\emule.exe" |In - Private - P6 - TRUE | .(...) -- E:\emul\emule\emule.exe (.not file.) O87 - FAEL: "UDP Query User{3A48711A-91DF-4B75-B455-7CEB495AB621}E:\emul\emule\emule.exe" |In - Private - P17 - TRUE | .(...) -- E:\emul\emule\emule.exe (.not file.) O87 - FAEL: "TCP Query User{611AC5C2-3510-47F5-80BB-2205C4694046}E:\emul\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- E:\emul\emule\emule.exe (.not file.) O87 - FAEL: "UDP Query User{C13B27CC-B3A4-46E3-A1E8-BB062A1E14E6}E:\emul\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- E:\emul\emule\emule.exe (.not file.) O87 - FAEL: "TCP Query User{65AE396A-E3FA-4C4A-BD57-7D08B92D4CFA}C:\program files\ifreetv\ifreetv.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\ifreetv\ifreetv.exe (.not file.) O87 - FAEL: "UDP Query User{3F34FB8E-6EC2-4A12-BE27-1C88B1C84C00}C:\program files\ifreetv\ifreetv.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\ifreetv\ifreetv.exe (.not file.) 
O87 - FAEL: "{2D39E4A7-5A96-4108-B6D0-17DD59BF4093}" |In - Private - P6 - TRUE | .(...) -- C:\Users\MILOUCHE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M01QQUZ4\SweetImSetup.exe (.not file.) =>PUP.SweetIM O87 - FAEL: "{2D00BB80-9296-4E51-ABC8-6B266508A260}" |In - Private - P17 - TRUE | .(...) -- C:\Users\MILOUCHE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M01QQUZ4\SweetImSetup.exe (.not file.) =>PUP.SweetIM O87 - FAEL: "{AC98738F-1284-4A9A-BF0D-396EAF1AD1D4}" | In - Private - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus O87 - FAEL: "{6E0AA6F9-289D-4B06-B908-782FF48E76C9}" | In - Private - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus O87 - FAEL: "TCP Query User{D8AD281E-9048-44FE-96C3-4556295FC621}E:\emule\emule.exe" |In - Private - P6 - TRUE | .(...) -- E:\emule\emule.exe (.not file.) O87 - FAEL: "UDP Query User{8101C0A7-1EAF-461C-B336-1A104CE9BDD5}E:\emule\emule.exe" |In - Private - P17 - TRUE | .(...) -- E:\emule\emule.exe (.not file.) O87 - FAEL: "{AE1B961E-BD91-44A9-8656-B43029EB28BA}" |In - None - P6 - TRUE | .(...) -- E:\téléchargements\uTorrent.exe (.not file.) =>P2P.µTorrent O87 - FAEL: "{41502C72-6DF1-4FD6-9198-120AF85A6348}" |In - None - P17 - TRUE | .(...) -- E:\téléchargements\uTorrent.exe (.not file.) =>P2P.µTorrent O87 - FAEL: "TCP Query User{B74893A9-5DFB-4FD1-9A5F-EE0A11075DB9}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe (.not file.) O87 - FAEL: "UDP Query User{61304B70-40F3-423A-B62C-1BC26959C427}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe (.not file.) 
O87 - FAEL: "TCP Query User{7BF49F35-2594-4142-A238-4E14F122E3AF}F:\fscommand\updater.exe" |In - Private - P6 - TRUE | .(...) -- F:\fscommand\updater.exe (.not file.)
O87 - FAEL: "UDP Query User{F762768C-236F-4883-ABC9-0C5C832055D5}F:\fscommand\updater.exe" |In - Private - P17 - TRUE | .(...) -- F:\fscommand\updater.exe (.not file.)
O87 - FAEL: "TCP Query User{B8605D6C-5DD1-428B-BD8E-5A3187C40FD9}C:\program files\hercules\dualpix hd720p emotion\xtrctrlpro.exe" | In - Private - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files\hercules\dualpix hd720p emotion\xtrctrlpro.exe
O87 - FAEL: "UDP Query User{6D4FF224-F5D5-4340-B3BC-99DBD9870099}C:\program files\hercules\dualpix hd720p emotion\xtrctrlpro.exe" | In - Private - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files\hercules\dualpix hd720p emotion\xtrctrlpro.exe
~ Firewall: 243 Legitimates Filtered in 00mn 01s

---\\ Scan Additionnel (O88)
Database Version : v2.11735 - (27/04/2013)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{493CCB71-DCAD-4257-9F08-8750F63BD792}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKLM\Software\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220122992262}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
C:\Program Files\Software =>Adware.Boxore
C:\ProgramData\Software =>Adware.Boxore
C:\Users\MILOUCHE\AppData\Local\Software =>Adware.Boxore
~ Additionnel Scan: 231907 Items scanned in 00mn 18s

---\\ Product Upgrade Codes (O90)
O90 - PUC: "2F0F48BCB729D854D95C7838E2D36C35" . (.GearDrvs.) -- C:\Windows\Installer\{CB84F0F2-927B-458D-9DC5-87832E3DC653}\ARPPRODUCTICON.exe
~ Update Products: 99 Legitimates Filtered in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 11/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 23/04/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 23/04/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 24576 | (ETService) . (...) - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files\WildTangent Games\App\GamesAppService.exe
SS - | Auto 06/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 06/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 31/01/2013 634656 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Auto 10/10/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 272024 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SS - | Auto 01/03/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 00s
~ 2082 Legitimates filtered by white list

End of the scan (488 lines in 00mn 54s)(0)